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IN THE CLAIMS 



V 



1 \ (Currently Amended) A content management method for a data storage provided with 
a plurality of content storing means, comprising the steps of: 

bcrypting, with a first storage key, a content key encrypted with the first storage key 
and stored^along with a content encrypted with the content key in a first content storing 
means; 

encrypting\he content key obtained by the above decryption with a newly generated 
second storage key; aiid 

storing the conteM key encrypted with the second storage key along with the 
encrypted content in a second content storing means; 

whereby said first and second content storing means are located at a site that is remote 
from the site where said encrypting is performed . 

2. (Original) The method as setNforth in Claim 1, wherein the second storage key is 
generated based on a random number. 

3 . (Original) The method as set forth\n Claim 1 , wherein the content key obtained by 
the decryption is encrypted with identification information of the second content storing 
means and stored into the second content storing means. 

4. (Original) The method as set forth in Claim 1, wherein the content key is encrypted, 
in the first content storing means, with the first storage key and identification information of 
the first content storing means, and the content key stored in the first content storing means is 
decrypted with the first storage key and identification infoknation of the first content storing 
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5. toriginal) The method as set forth in Claim 1, wherein the second storage key is 
generated by a decrypted key generating means provided in the data storage. 

6. (Original) The method as set forth in Claim 5, wherein the second storage key is 
encrypted with a public key for a key management unit for management of the storage keys 
to generate a third storage key and the third storage key is stored into the second content 
storing means. 

7. (Original) The methpd as set forth in Claim 6, wherein the data storage deletes the 

\ 

second storage key dependingnipon whether the third storage key has been stored in the 
second content storing means. 

8. (Original) The method as setVorth in Claim 7, wherein when decrypting the content 
key stored in the second content storing^means, the data storage sends the third storage key to 
the key management unit; and the key management unit generates a second storage key based 
on the third storage key while accounting the^data service following a predetermined 
procedure. 

9. (Original) The method as set forth in ClaiVi 1, wherein the second storage key is 
generated by a storage key generating means provided in the key management unit which 
manages the storage keys; and the key management unit has stored therein the second storage 
key and the identification information of the second content storing means in which the 
content key encrypted with the above generated second storage key. 

10. (Original) The method as set forth in Claim 9, wheri^in upon the generation of the 
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second storage key, the key management unit accounts the data service following the 
predetermined procedure. 

1 1 . (Original) The method as set forth in Claim 9, wherein the key management unit 
encrypts the second storage key with the management key to generate a third storage key, and 
sends the third storage key to the data storage; and the data storage stores the received third 
storage key into the\econd content storing means. 

12. (Original) The method as set forth in Claim 11, wherein the data storage deletes the 
second storage key depending upon whether the third storage key has been stored in the 
second content storing means. 

13. (Original) The method\s set forth in Claim 12, wherein the key management unit 
has stored therein the identification information of the second content storing means in which 



the content key encrypted with the second storage key; the data storage sends, when 
decrypting the content key stored in second content storing means, the identification 
information of the second content storin^^^eans to the key management unit; and the key 
management unit generates a second stora^key based on the result of comparison between 
the identification information of the second content storing means, send from the data 
storage, and the identification information of th^econd content storing means, held in the 
key management unit itself, while accounting the d^ta service following the predetermined 
procedure. 

14. (Original) The method as set forth in Claim 1, \^erein the second content storing 
means has stored therein the identification information or^he data storage. 

166300 




PATENT 
450100-02090 



15. (Original) The method as set forth in Claim 14, wherein the data storage starts 
decrypting the content key stored in the second content storing means depending upon the 
result of an inspection of the identification information of the data storage, stored in the 
second content^toring means. 

1 6. (Original)\rhe method as set forth in Claim 1 , wherein the decrypted content key 
supplied from the second content storing means has added thereto information that the 
content key is a one obtained by restoration. 

17. (Original) The method as set forth in Claim 16, wherein when moving the content key 
having added thereto the inforhiation that the content key is a restored one, the data storage 



makes an error process based onihe result of comparison between the content key and a 
content key stored in a destination tb which the content key is to be moved. 

18. (Original) The method as set fo^h in Claim 1 , wherein the content key has added 
thereto frequency information which limits the number of times the content key can be used. 

1 9. (Original) The method as set forth irk Claim 1 , wherein the content key stored in the 
first content storing means is stored along witkthe identification information of the first 
content storing means into the second content storing means; the identification information 
stored in the second content storing means is storedWo the data storage when the content 
key stored in the second content storing means is decrWted; and the data storage makes, 
when a request is made to decrypt the content key in the^rst content storing means, an error 
process based on the result of comparison between the identification information of the first 
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coivbent storing means in consideration and the identification information of the second 
contentsstoring means. 

20. (Currently Amended) A content storage system, comprising: 

a first content storing means having stored therein a content key encrypted with a first 
storage key and a\x)ntent encrypted with the content key; 
means for decn^jting a data and key data; 
means for encrypting the data and key data; 
means for generatiri^ a storage key; 

a second content storing means for storing an encrypted content key obtained by 
encrypting, in the encrypting me^s, the content key obtained by decryption with the first 
storage key in the decrypting means,Vsing the second storage key generated by the storage 
key generating means, and the encrypted content; and 

means for storing the storage keys;^ 

whereby said first and second content Voring means are located at a site that is remote 

\ 

from the site where said encrypting is performedX 

21 . (Original) The system as set forth in Claim 2<), wherein the storage key storing means 
generates the second storage key by means of a randon\ number generator. 

22. (Original) The system as set forth in Claim 20, wherein a content key obtained by 
encrypting, in the encrypting means, the content key obtaine^by the decryption in the 
decrypting means, with the first storage key and identification mformation of the second 
content storing means, is stored in the second content storing meatjs. 
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23. \ (Original) The system as set forth in Claim 20, wherein the content key is encrypted, 
in the firkt content storing means, with the first storage key and identification information of 
the first coment storing means; and the content key stored in the first content storing means is 
decrypted witlis^he first storage key and identification information of the first content storing 
means. 

24. (Original) Tli^ system as set forth in Claim 20, wherein the first content storing 
means, decrypting mea^, encrypting means, second content storing means, storage key 
storing means and storage\ey generating means form together a data storage; and further 
comprising a key managemem unit which manages the storage keys of the data storage. 

25. (Original) The system a^ set forth in Claim 24, wherein the data storage is a data 
receiver which receives a content^ncrypted and sent from a data transmitter. 

26. (Original) The system •rth in Claim 24, further comprising means for storing 
the public key of the key management unit; and wherein the second content storing means has 
stored therein the second storage key along, with a third storage key obtained by encrypting 
the second storage key with the public key. \ 

27. (Original) The system as set forth in Cl^m 26, wherein the data storage deletes the 
second storage key depending upon whether the th^rd storage key is stored in the second 
content storing means. 

28. (Original) The system as set forth in Claim 27, Wherein when decrypting the content 
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keyWored in the second content storing means, the data storage sends the third storage key to the 
key management unit; and the key management unit sends a second storage key generated based 
on the thirdsstorage key to the data transmitter while accounting the data service following a 
predetermined i)rocedure. 

29. (Original)\he system as set forth in Claim 24, wherein the second content storing 
means has stored themn the identification information of the data storage. 

30. (Original) The system as set forth in Claim 29, wherein the data storage starts 
decrypting the content key\l;ored in the second content storing means depending on the result of 
inspection of the identification^information of the data storage, stored in the second content 

\ 

storing means. \ 

3 1 . (Original) The system as set tprth in Claim 20, wherein the first content storing 
means, decrypting means, encrypting rAeans, second content storing means and storage key 
storing means form together a data storage; and comprising the storage key generating means 
and further a key management unit which manages the storage keys of the data storage. 

32. (Original) The system as set forth in Cla\p 31, wherein the data storage is a data 
receiver which receives a content encrypted and s^t from a data transmitter. 

33. (Original) The system as set forth in Claim sV, wherein the key management unit 
comprises an identification information storing means irt^ which the storage key generated by the 
key management unit and the identification information of the content storing means in which 
the content key encrypted with the generated storage key. 

34. (Original) The system as set forth in Claim 3 1 , wherein the key management unit 
accounts the data service following the predetermined procedure d^ending upon the generation 
of the storage key. 
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35. Voriginal) The system as set forth in Claim 31, wherein the key management unit 
comprises; means for storing storage keys; the key management unit generates a third storage key 
by decrypting the second storage key with the storage key and sends it to the data storage; and 
the data storage stores the third storage key into the second content storing means. 

36. (OriginalXThe system as set forth in Claim 35, wherein the data storage deletes the 
second storage key (depending upon whether the third storage key is stored into the second 
content storing means) 

37. (Original) The system as set forth in Claim 36, wherein the key management unit 
comprises means for storing the second storage key and the identification information of the 
second content storing means\^which the content key encrypted with the second storage key is 
stored; the key management unit Recounts, when the data storage decrypts the content key, the 
data service following the predetermined procedure based on the result of comparison between 
the identification information of the second content storing means, sent from the data storage, 
and the identification information stored in the identification information storing means. 

38. (Original) The system as set forth inV;iaim 31, wherein the second content storing 
means has stored therein the identification inforaiation of the data storage. 

39. (Original) The system as set forth in Claim 38, wherein the data storage starts 
decrypting the content key stored in the second contW storing means. 

40. (Original) The system as set forth in Claim 20, Wherein the content key obtained by 
decryption from the second content storing means has adoed thereto information that the content 
key is a one obtained by restoration, as requirement informaiion. 

41 . (Original) The system as set forth in Claim 20, whereimthe content key has added thereto 
frequency information which limits the number of times the contetjt key can be used. 
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